Uber’s data breach was relatively small when compared to the Yahoo hack

On Tuesday, Uber CEO Dara Khosrowshahi quietly announced that Uber had suffered a large data breach in 2016. The worst part? The company reportedly paid the hackers $100,000 to cover it up, and failed to disclose the hack in a timely manner. The hackers gained access to the personal information of 57 million Uber riders and drivers, including the names and drivers licensees of around 600,000 Uber drivers. In the blog post addressing the data breach, Khosrowshahi said that outside forensics experts did not think that rider’s locations, credit card numbers, bank accounts, and social security numbers had been taken.

As we can see in this chart from Statista, Uber’s incident was unfortunate, but relatively low impact compared to others that have occurred over the past few years. The most troubling aspect of it seems to be the lack of transparency from the company. Khosrowshahi was not CEO at the time of the attack, but in his announcement, did not try to make excuses for the company’s decision to not disclose the hack at the time: “None of this should have happened, and I will not make excuses for it.”

The company’s reputation has already been dragged through the mud this year, and for many, the breach and cover-up was the icing on the cake.